Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,021 Commits 133 Branches 44 Tags 106 MiB
012937740f
Commit Graph

970 Commits

Author SHA1 Message Date
Daniel Weiße
47fbbd42a9
Fix tool not generating measurements for gcp-sev-snp (#3061) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-05-03 09:52:57 +02:00
edgelessci
96b71b0205
image: update measurements and image version (#3060) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-03 09:28:57 +02:00
edgelessci
3d2a023ccf
image: update measurements and image version (#3057) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-05-02 08:20:51 +02:00
Moritz Sanft
002c6fa5a4
snp: don't print warning if no ASK is present (#3048) 
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
 2024-04-29 14:38:34 +02:00
renovate[bot]
c1740b17d9
deps: update ghcr.io/edgelesssys/gcp-guest-agent Docker tag to v20240314 (#3042) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-29 11:01:21 +02:00
edgelessci
0df26c0e9b
image: update measurements and image version (#3043) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-26 08:05:44 +02:00
renovate[bot]
3ea0e3a487
deps: update K8s constrained AWS versions (#2938) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-25 15:49:50 +02:00
renovate[bot]
0f6491f3c7
deps: update K8s constrained Azure versions (#2941) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-25 15:48:46 +02:00
renovate[bot]
f00890ab1e
deps: update module k8s.io/kubernetes to v1.29.4 [SECURITY] (#3039) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-25 14:03:24 +02:00
edgelessci
591aba99fd
image: update measurements and image version (#3040) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-24 08:16:45 +02:00
Daniel Weiße
4635a6c8b1
attestation: dont set a default for TDX MRSEAM (#3038) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-04-22 14:07:24 +02:00
miampf
b187966581
cli: allow tagging cloud resources with custom tags (#3033) 2024-04-19 09:07:57 +00:00
edgelessci
f60c133724
image: update measurements and image version (#3034) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-19 08:30:06 +02:00
edgelessci
ea17af3dcc
image: update measurements and image version (#3030) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-17 08:18:39 +02:00
Moritz Sanft
913b09aeb8
Support SEV-SNP on GCP (#3011) 
* terraform: enable creation of SEV-SNP VMs on GCP

* variant: add SEV-SNP attestation variant

* config: add SEV-SNP config options for GCP

* measurements: add GCP SEV-SNP measurements

* gcp: separate package for SEV-ES

* attestation: add GCP SEV-SNP attestation logic

* gcp: factor out common logic

* choose: add GCP SEV-SNP

* cli: add TF variable passthrough for GCP SEV-SNP variables

* cli: support GCP SEV-SNP for `constellation verify`

* Adjust usage of GCP SEV-SNP throughout codebase

* ci: add GCP SEV-SNP

* terraform-provider: support GCP SEV-SNP

* docs: add GCP SEV-SNP reference

* linter fixes

* gcp: only run test with TPM simulator

* gcp: remove nonsense test

* Update cli/internal/cmd/verify.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update docs/docs/overview/clouds.md

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update terraform-provider-constellation/internal/provider/attestation_data_source_test.go

Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>

* linter fixes

* terraform_provider: correctly pass down CC technology

* config: mark attestationconfigapi as unimplemented

* gcp: fix comments and typos

* snp: use nonce and PK hash in SNP report

* snp: ensure we never use ARK supplied by Issuer (#3025)

* Make sure SNP ARK is always loaded from config, or fetched from AMD KDS
* GCP: Set validator `reportData` correctly

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* attestationconfigapi: add GCP to uploading

* snp: use correct cert

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* terraform-provider: enable fetching of attestation config values for GCP SEV-SNP

* linter fixes

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: Adrian Stobbe <stobbe.adrian@gmail.com>
 2024-04-16 18:13:47 +02:00
Daniel Weiße
485ebb151e
kubecmd: retry any k8s errors in CLI and Terraform (#3028) 
* Retry any k8s errors in CLI and Terraform
* Use structured logging in `kubecmd` package

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-04-16 15:12:42 +02:00
edgelessci
41e4f144ed
image: update measurements and image version (#3023) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-12 08:24:28 +02:00
Markus Rudy
f6dfea2a79
helm: unbreak helm test after Cilium version bump (#3022) 2024-04-11 09:38:15 +02:00
Markus Rudy
550798279a
Merge pull request from GHSA-g8fc-vrcg-8vjg 
* helm: firewall pods

* helm: bump cilium chart version

---------

Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-04-10 13:48:32 +02:00
edgelessci
7bdd4c2449
image: update measurements and image version (#3019) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-10 08:25:16 +02:00
edgelessci
249148abe2
image: update measurements and image version (#3013) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-05 15:23:44 +02:00
miampf
840f460bac
logging: unify debug log message format (#2997) 2024-04-03 13:49:03 +00:00
edgelessci
638a94c7c6
image: update measurements and image version (#3008) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-03 08:28:45 +02:00
edgelessci
d6ac1967c5
image: update measurements and image version (#3004) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-04-02 08:44:25 +02:00
edgelessci
367b278002
image: update measurements and image version (#3000) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-25 08:19:58 +01:00
edgelessci
89f311dac1
image: update measurements and image version (#2996) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-20 08:35:26 +01:00
edgelessci
e0bbb447a9
image: update measurements and image version (#2987) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-15 07:54:20 +01:00
Markus Rudy
54af083da3
helm: retry uninstall manually if atomic install failed (#2984) 2024-03-14 10:52:11 +01:00
edgelessci
3b8fa95648
image: update measurements and image version (#2983) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-13 09:08:44 +01:00
Malte Poll
923a41ba01 openstack: move credentials to instance user data 2024-03-11 16:43:36 +01:00
Malte Poll
c23f17de41 openstack: read credentials from clouds.yaml 2024-03-11 15:59:23 +01:00
Malte Poll
d69673fab7 terraform-provider: Add support for STACKIT / OpenStack 2024-03-11 15:59:23 +01:00
Malte Poll
1670d977c6 openstack: vendor clouds.yaml Go type definitions from gophercloud v2 beta 2024-03-11 15:59:23 +01:00
Malte Poll
6ddabd025d openstack: rename client type 2024-03-11 15:59:23 +01:00
Daniel Weiße
27330490f3
cli: retry auth handshake deadline exceeded errors in CLI and Terraform (#2976) 
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
 2024-03-08 13:15:06 +01:00
edgelessci
483c888a3c
image: update measurements and image version (#2975) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-08 08:40:29 +01:00
Malte Poll
108784c580 openstack: improve error message on IMDS failures 2024-03-07 11:47:51 +01:00
Malte Poll
7f262d18a8 imagefetcher: allow any marketplace image for OpenStack 2024-03-07 11:47:51 +01:00
Malte Poll
281c7c320c deps: update protobuf to v1.33.0 2024-03-06 14:50:01 +01:00
Malte Poll
8b41bcaecc cli: correct measurements in config generate stackit 2024-03-04 18:17:26 +01:00
Malte Poll
f94c6ca0d4 misc: skip message about community license with marketplace image 2024-03-04 18:17:26 +01:00
Malte Poll
1c8a7e4c22 cli: add STACKIT to constellation config instance-types 2024-03-04 18:17:26 +01:00
edgelessci
d8a8d9b6b9
image: update measurements and image version (#2963) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-03-01 08:31:34 +01:00
Malte Poll
3ce10eb00f terraform: allow STACKIT / OpenStack instance type to be UUID or name 2024-02-28 15:48:53 +01:00
edgelessci
79aaa77b6b
image: update measurements and image version (#2950) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-02-28 10:02:33 +01:00
edgelessci
b2ab5869b3
image: update measurements and image version (#2943) 
Co-authored-by: katexochen <49727155+katexochen@users.noreply.github.com>
 2024-02-23 09:33:12 +01:00
3u13r
2a61861a1c
stackit: add k8s api load balancer (#2925) 2024-02-22 17:39:34 +01:00
renovate[bot]
62acec17f6
deps: update Constellation containers (#2921) 
Co-authored-by: Leonard Cohnen <lc@edgeless.systems>
 2024-02-22 14:04:42 +01:00
Malte Poll
00d39ff7fa helm: update edgelesssys cinder-csi-plugin 2024-02-22 12:43:04 +01:00
Malte Poll
31f65fb486 openstack: find node CIDR with multiple subnets 2024-02-22 12:43:04 +01:00